Support & Knowledge Base

FAQs

Do Share Rooms violate zero knowledge?

Zero knowledge means that only you are able to access the data in a readable format. This means that anytime you publicly "share" files online, they're no longer zero knowledge. Information that has been placed in a share room is not zero knowledge for as long as the share room exists, since other users can access it without knowing your username and password. You can password protect your share room, but the files within it are temporarily stored in plaintext and are therefore no longer zero knowledge.

However, creating a share room does not violate the zero knowledge of any of your other data. Only the files which have been specifically placed in the share room are accessible without your username and password. Files in the share room are temporarily stored and cached in plaintext, whereas the rest of your account is never stored on our servers in plaintext.

How did this happen? How is your the privacy of all the other unshared items preserved, while yet being able to arbitrarily choose to share various portions? Most storage providers -- if they offer encryption at all -- only use one encryption key per account. Instead, SpiderOak uses a nested system of many small scoped encryption keys. When you create a ShareRoom, the SpiderOak client makes the encryption keys of appropriate scope for the contents of that share room public. This makes it possible for our webservers to present the contents to visitors, but nothing beyond the Share Room is known.